Changes between Version 23 and Version 24 of SPLogout
- Timestamp:
- 11/21/12 13:25:30 (12 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
SPLogout
v23 v24 1 ''This is a prototype SP logout landing page. The Service destroys its session but cannot destroy the SSO cookie. So it is trivial to use the SSO cookie to log back into that service or another in the same security domain. To prevent such behavior (a high risk / high security application or a need to log into the same service as a different user) the SP can re-direct the browser to a page like this that offers the opportunity to end the SSO session. The SP could also directly use the link behind the "End My Current SSO Session", removing the option from the user.'' 1 2 2 3 === You have been logged out of {the Application or Service that re-directed you here}. ===
